Comments (11)
One solution would be to have a flow similar to oauth:
- User creates wallet at mywallet.com
- User goes to mycoolgame.net and asks to login
- mycoolgame.net makes the standard request, but while they wait, they redirect the user to mywallet.com/request?1234
- user sees a mywallet.com confirmation that asks them to authorize mycoolgame.net and clicks "ok"
- user is back at mycoolgame.net with working thing
In order to do this we need:
- A way to detect the user's "default" wallet
- a standard url request for that process
Seems better than a browser add-on.
from unilogin.
Here's how the connection request could look like:
Or it could be a single button with a dropdown. But these can only be built after it wallets work
from unilogin.
I would argue it is reasonable to have 10 keys for 10 different dapps, as each I would be granting different access level and each I can connect or disconnect separately.
E.g.
I have one key for 0x that I trust completely and can do transactions alone, while dharma key has daily limit 1000 and monthly limit 10000, above that I need to another key to confirm.
@marekkirejczyk I agree long term this should be the use case, but every add key will have an associated gas cost, so while using the network is still relatively expensive I don't think adding a key per dapp is the ultimate solution. I'm now working on a project that uses a implementation of shamir's secret sharing to allow you to retrieve a private key from a google sign in. This could perhaps be a good short term solution for Universal Logins.
This means that you don't need to trust a central authority to have access to your identity for identity recovery (although you are still trusting your google account to provide OAuth token to the network)
from unilogin.
Not sure I understand what you meant. Do you mean that it would share credential information between all the apps I visit? That sounds like a terrible security nightmare! I prefer have specific authorizations per app, so that I am sure the app cannot steal my money.
from unilogin.
I'm not sure what the best solution is, but I don't see people who interact with 10 different DAPPs wanting to do 2 factor authentication for each one, especially on the same device.
from unilogin.
Any ideas on how we would detect their default wallet?
from unilogin.
I think it's inevitable that we'll need some ways to have public information associated with each account, maybe through 3box or not.
But honestly, considering that in the beginning there would be very few providers, a good UX could be simply:
- App makes a connection request in the background to the relayers
- While waiting, the app shows the user a selection of most popular wallets and asks them to select one to use for confirmation
- User clicks on their preferred wallet, the app knows how each one handles requests and forwards it
Thinking about that, here's what I suggest a very small change we can do in the current app: in the PendingAuthorization view, we should also to pass information via the url to make a new request. That would be something like
localhost:1234/?request=0x123456&terms=0xffbbaacc&callback=mywallet.com/authorization
Or whatever fits better with existing standard like oauth
from unilogin.
I think conceptually these should be called "Identity Providers" and not "Wallet Providers" - thoughts?
from unilogin.
from unilogin.
I think 'Identity Provider' should be the name, because these services will encapsulate more than just your primary login - they also distributed your identity to you in the first place, for example with Boomerang, Skedaddle will be our 'Identity Provider' for new users wanting to use Boomerang at first of course the user could have already created an identity previously through another 'Identity Provider'
from unilogin.
I would argue it is reasonable to have 10 keys for 10 different dapps, as each I would be granting different access level and each I can connect or disconnect separately.
E.g.
I have one key for 0x that I trust completely and can do transactions alone, while dharma key has daily limit 1000 and monthly limit 10000, above that I need to another key to confirm.
from unilogin.
Related Issues (20)
- Consider web components
- @universal-login/sdk build fails: HOT 1
- Multi Network Relayer HOT 5
- Run in the browser without bundlers HOT 1
- "await sdk.start" will be hang up HOT 1
- About UI when distributing keys
- Type compilation error for `universal-login start:dev`
- apple killed local storage. what does that mean for uniLogin? HOT 3
- Does the Relayer really need a public provider field
- Example - event stream does not show
- Ethers.js - query returned more than 1000 results. Loading activity stuck HOT 1
- Meta-tx execution fails with ambiguous error when gas is insufficient
- ERC1077.sol does not adhere to the ERC1077 spec HOT 1
- Postgres configuration
- Open up the number of node versions that can be used HOT 1
- Support for multiple programming languages
- Relay is undeployable HOT 1
- Unhandled promise rejection in SuggestionService HOT 1
- SuggestionService suggests names which cause deploy() to throw HOT 1
- Links to LGPL-v3-licensed contract dirs broken in README HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from unilogin.